In the claims : 



1 . (currently amended) An access control method for an internet television system where 
each of a plurality of television channel channels is carried over a different multicast group, 
and subscribers join a particular multicast group in order to receive a particular channel, the 
access control method comprising: 

distributing multicast group access control information from a distribution device to a 
plurality of access devices for use by the access devices in authenticating subsequent requests 
made subsequent to the distribution of access control information by individual host devices to 
join a television channel multicast group in order to reduce delay in authentication when a host 
device changes television channels, wherein each access device is logically closer to the host 
device from which the access device receives the request than the distribution device; 

receiving, by one of the access devices, a subsequent request by one of the host devices to 
join the television channel multicast group in order to change television channels; 

determining, by the access device, whether the host device is authorized to join the 
television channel multicast group, and receive a particular television channel, based upon the 
access control information distributed from the distribution device; and 

admitting, by the access device, the host device to the television channel multicast group 
if and only if the host device is determined to be authorized to join the television channel 
multicast group, 

whereby the access device receives the access control information before it is needed for 
determining whether the host device is authorized to join the multicast group, thereby facilitating 
changing channels by reducing authentication delay. 



2. (original) The access control method of claim 1, wherein distributing the access control 
information from the distribution device to the access device comprises: 

pushing the access control information from the distribution device to the access 
control device using a predetermined push mechanism. 

3. (original) The access control method of claim 2, wherein the predetermined push mechanism 
comprises a reliable multicast mechanism. 

4. (original) The access control method of claim 3, wherein pushing the access control 
information from the distribution device to the access control device using the predetermined 
push mechanism comprises: 

joining a predetermined multicast group by the access device; 

sending the access control information to the predetermined multicast group by the 
distribution device using the reliable multicast mechanism; 

receiving the access control information by the access device from the multicast group 
using the reliable multicast mechanism. 

5. (original) The access control method of claim 2, wherein the predetermined push mechanism 
comprises a policy service. 

6. (original) The access control method of claim 5, wherein the policy service comprises a 
Common Open Policy Service (COPS). 



7. (original) The access control method of claim 5, wherein pushing the access control 
information from the distribution device to the access control device using a predetermined push 
mechanism comprises: 

sending the access control information from the distribution device to the access device 
in the form of policy information using the policy service. 

8. (original) The access control method of claim 2, wherein the predetermined push mechanism 
comprises a management mechanism. 

9. (original) The access control method of claim 8, wherein the management mechanism 
comprises a Simple Network Management Protocol (SNMP). 

10. (original) The access control method of claim 8, wherein the management mechanism 
comprises a Command Line Interface (CU). 

1 1 . (original) The access control method of claim 8, wherein pushing the access control 
information from the distribution device to the access control device using a predetermined push 
mechanism comprises: 

sending the access control information from the distribution device to the access device 
in the form of management information using the management mechanism. 

12. (original) The access control method of claim 1, wherein determining whether the host 
device is authorized to join the television channel multicast group comprises: 



authenticating the host device based upon the access control information. 

13. (original) The access control method of claim 1, wherein admitting the host device to the 
television channel multicast group comprises: 

joining the television channel multicast group by the access device using a 
predetermined multicast routing protocol. 

14. (original) The access control method of claim 13, wherein the predetermined multicast 
routing protocol comprises a Protocol Independent Multicast (PIM) multicast routing -protocol. 

15. (currently amended) An apparatus for distributing access control information in an internet 
television system where each of a plurality of different television channel channels is carried 
over a different multicast group, and subscribers join a particular multicast group in order to 
receive a particular channel at a host device, the apparatus comprising: 

maintenance logic and memory operably coupled to maintain multicast group 
access control information; and 

distribution logic and an interface operably coupled to distribute the access 
control information to at least one access device using a predetermined push mechanism 
in order to reduce delay in authentication when a host device changes television channels, 
wherein the access device is operable to transmit the channel to the host device and is 
logically closer to the host device than the apparatus for distributing access control 
information, 



whereby the access device receives the access control information before it is needed for 
determining whether a host device is authorized to join a multicast group, and receive a 
particular television channel, and whereby access control information is moved closer to 
the host device, thereby facilitating changing channels by reducing authentication delay. 

16. (original) The apparatus of claim 15, wherein the predetermined push mechanism comprises 
a reliable multicast mechanism. 

17. (original) The apparatus of claim 16, wherein the distribution logic is operably coupled to 
send the access control information to a predetermined multicast group using the reliable 
multicast mechanism. 

18. (original) The apparatus of claim 15, wherein the predetermined push mechanism comprises 
a policy service. 

19. (original) The apparatus of claim 18, wherein the policy service comprises a Common Open 
Policy Service (COPS). 

20. (original) The apparatus of claim 18, wherein the distribution logic is operably coupled to 
send the access control information to the access device in the form of policy information using 
the policy service. 



21. (original) The apparatus of claim 15, wherein the predetermined push mechanism comprises 
a management mechanism. 

22. (original) The apparatus of claim 21, wherein the management mechanism comprises a 
Simple Network Management Protocol (SNMP). 

23. (original) The apparatus of claim 21, wherein the management mechanism comprises a 
Command Line Interface (CLI). 

24. (original) The apparatus of claim 21, wherein the distribution logic is operably coupled to 
send the access control information from the distribution device to the access device in the form 
of management information using the management mechanism. 

25. (currently amended) A computer program embedded in a tangible storage medium for 
controlling a computer system for delivering television where each of a plurality of television 
channel channels is carried over a different multicast group, and subscribers join a particular 
multicast group in order to receive a particular channel at a host device, the computer program 
comprising: 

maintenance logic programmed to maintain multicast group access control information; 

and 

distribution logic programmed to distribute the access control information to at least one 
access device using a predetermined push mechanism in order to reduce delay in authentication 
when a host device changes television channels, wherein the access device is operable to 



transmit the channel to the host device and is logically closer to the host device than the 

apparatus for distributing access control information, 

whereby the access device receives the access control information before it is needed, and 
whereby access control information is moved closer to the host device, thereby facilitating 
changing channels by reducing authentication delay. 

26. (original) The computer program of claim 25, wherein the predetermined push mechanism 
comprises a reliable multicast mechanism. 

27. (original) The computer program of claim 26, wherein the distribution logic is programmed 
to send the access control information to a predetermined multicast group using the reliable 
multicast mechanism. 

28. (original) The computer program of claim 25, wherein the predetermined push mechanism 
comprises a policy service. 

29. (original) The computer program of claim 28, wherein the policy service comprises a 
Common Open Policy Service (COPS). 

30. (original) The computer program of claim 28, wherein the distribution logic is programmed 
to send the access control information to the access device in the form of policy information 
using the policy service. 



3 1 . (original) The computer program of claim 25, wherein the predetermined push mechanism 
comprises a management mechanism. 

32. (original) The computer program of claim 31, wherein the management mechanism 
comprises a Simple Network Management Protocol (SNMP). 

33. (original) The computer program of claim 31, wherein the management mechanism 
comprises a Command Line Interface (CLI). 

34. (original) The computer program of claim 31, wherein the distribution logic is programmed 
to send the access control information from the distribution device to the access device in the 
form of management information using the management mechanism. 

35. (currently amended) An apparatus for providing receiver access control in an internet 
television system for delivering television where each of a plurality of television channel 
channels is carried over a different multicast group, and subscribers join a particular multicast 
group in order to receive a particular channel at a host device, the apparatus comprising: 

distribution logic operably coupled to receive multicast group access control information 
from a distribution device using a predetermined push mechanism in order to reduce delay in 
authentication when a host device changes television channels; 

host interface logic operably coupled to receive a request from a host device to join a 
television channel multicast group; and 



access control logic operably coupled to determine whether the host device is authorized 
to join the television channel multicast group based upon the access control information, wherein 
the apparatus is logically closer to the host device than the distribution device, whereby the 
access device receives the access control information before it is needed, and whereby access 
control information is moved closer to the host device, thereby facilitating changing channels by 
reducing authentication delay. 

36. (original) The apparatus of claim 35, wherein the predetermined push mechanism comprises 
a reliable multicast mechanism. 

37. (original) The apparatus of claim 36, wherein the distribution logic is operably coupled to 
join a predetermined multicast group and receive the access control information from the 
predetermined multicast group using the reliable multicast mechanism. 

38. (original) The apparatus of claim 35, wherein the predetermined push mechanism comprises 
a policy service. 

39. (original) The apparatus of claim 38, wherein the policy service comprises a Common Open 
Policy Service (COPS). 

40. (original) The apparatus of claim 38, wherein the distribution logic is operably coupled to 
receive the access control information from the distribution device in the form of policy 
information using the policy service. 



41. (original) The apparatus of claim 35, wherein the predetermined push mechanism comprises 
a management mechanism. 

42. (original) The apparatus of claim 41, wherein the management mechanism comprises a 
Simple Network Management Protocol (SNMP). 

43. (original) The apparatus of claim 41, wherein the management mechanism comprises a 
Command Line Interface (CLI). 

44. (original) The apparatus of claim 41, wherein the distribution logic is operably coupled to 
receive the access control information from the distribution device in the form of management 
information using the management mechanism. 

45. (currently amended) A computer program embedded in a tangible storage medium for 
controlling a computer system for delivering television where each of a plurality of television 
channel channels is carried over a different multicast group, and subscribers join a particular 
multicast group in order to receive a particular channel at a host device, the computer program 
comprising: 

distribution logic programmed to receive multicast group access control information from 
a distribution device using a predetermined push mechanism in order to reduce delay in 
authentication when a host device changes television channels; 



host interface logic programmed to receive a request from a host device to join a 
television channel multicast group; and 

access control logic programmed to determine whether the host device is authorized to 
join the television channel multicast group based upon the access control information, wherein 
the host interface logic is executed by a device that is logically closer to the host device than the 
distribution device, whereby the access device receives the access control information before it is 
needed, and whereby access control information is moved closer to the host device, thereby 
facilitating changing channels by reducing authentication delay. 

46. (original) The computer program of claim 45, wherein the predetermined push mechanism 
comprises a reliable multicast mechanism. 

47. (original) The computer program of claim 46, wherein the distribution logic is programmed 
to join a predetermined multicast group and receive the access control information from the 
predetermined multicast group using the reliable multicast mechanism. 

48. (original) The computer program of claim 45, wherein the predetermined push mechanism 
comprises a policy service. 

49. (original) The computer program of claim 48, wherein the policy service comprises a 
Common Open Policy Service (COPS). 



50. (original) The computer program of claim 48, wherein the distribution logic is programmed 
to receive the access control information from the distribution device in the form of policy 
information using the policy service. 

5 1 . (original) The computer program of claim 45, wherein the predetermined push mechanism 
comprises a management mechanism. 

52. (original) The computer program of claim 51, wherein the management mechanism 
comprises a Simple Network Management Protocol (SNMP). 

53. (original) The computer program of claim 51, wherein the management mechanism 
comprises a Command Line Interface (CU). 

54. (original) The computer program of claim 51, wherein the distribution logic is programmed 
to receive the access control information from the distribution device in the form of management 
information using the management mechanism. 

55. (previously presented) An internet television system for delivering a video signal to a host 
device for display, comprising: 

a distribution device in communication with at least one access device over a 
communication network, wherein the distribution device uses a predetermined push mechanism 
to distribute multicast group access control information to the at least one access device in order 
to reduce delay in authentication when a host device changes television channels, and wherein 



the at least one access device uses the access control information to control access to at least one 
television channel multicast group, wherein the access device is logically closer to the host 
device than the distribution device, whereby the access device receives the access control 
information before it is needed, and whereby access control information is moved closer to the 
host device, thereby facilitating changing channels by reducing authentication delay. 



